These forums have been archived and are now read-only.

The new forums are live and can be found at https://forums.eveonline.com/

EVE Information Portal

 
  • Topic is locked indefinitely.
 

Dev blog: The EVE Online API Challenge

First post
Author
Previous Topic Next Topic
Adria Blue
Digital Fiction
#41 - 2016-02-23 23:46:12 UTC  |  Edited by: Adria Blue
Adria Blue wrote:
Would making an API interface class that allows the creation of apps be able to enter? Or does the entry have to be an actual application for a particular purpose?


Thanks for replying.

By the way, that was sarcasm. Probably too late to enter now even if it is allowed.
Uppsy Daisy
State War Academy
Caldari State
#42 - 2016-02-24 00:16:07 UTC
Lucas Kell wrote:
While I was originally planning on entering into this, I'm afraid I've decided against developing a third party application. A CCP dev blog posted today has explained that third party applications that can be used to provide an unfair advantage over players not using the application can result in bans. With this in mind I cannot in good conscience produce any third party application, as almost every available use of CREST or the EVE API could be used by a player to gain an unfair advantage. For example market information aggregation will allow a trader using the program to more rapidly identify trade opportunities than a player without the application, and war/kill information would more rapidly provide an application user with intel than a non-application user.

CCP, you should really consider why you are allowing such easily exploited information through CREST when clearly the use of such data in a third party application would be a severe breach of the EULA.


Good man.

CCP need a serious kick up the backside on this one..
CCP Tellus
C C P
C C P Alliance
#43 - 2016-02-24 01:59:21 UTC
Lucas Kell wrote:
While I was originally planning on entering into this, I'm afraid I've decided against developing a third party application. A CCP dev blog posted today has explained that third party applications that can be used to provide an unfair advantage over players not using the application can result in bans.

That dev blog was explicitly referring to programs that manipulate the EVE client itself into allowing you to see and do things that you wouldn't otherwise be able to do, in the client.

You are always free to use data gathered from CREST, XML API, SDE, and other services we offer, in a way you see fit. We are offering these services because we want you to use them and take advantage of the possibilities they offer.

We are continuously improving and adding new functionality to CREST, the XML API, and the SDE all the time. We love seeing new and exciting third-party applications! And we want to encourage you all to make more of them. We are holding the API challenge to help foster these desires.

You may be wondering, how we would we react should you discover a way to take advantage of information provided by our third-party services to achieve what we would consider "unfair". We have in the past changed game mechanics to cater around new usages of our APIs in order to level the playing field. We have simply removed endpoints from our APIs in the past as well. These are examples of peaceful resolutions to "unfair" use of our APIs.

We stand nothing to gain by excommunicating players.

Hope these resolve some of your concerns.

Thanks!
CCP Tellus
C C P
C C P Alliance
#44 - 2016-02-24 02:02:17 UTC
Adria Blue wrote:
Probably too late to enter now even if it is allowed.

It's never too late to make new wonderful applications. :)
Lucas Kell
Solitude Trading
S.N.O.T.
#45 - 2016-02-24 05:36:12 UTC  |  Edited by: Lucas Kell
CCP Tellus wrote:
Lucas Kell wrote:
While I was originally planning on entering into this, I'm afraid I've decided against developing a third party application. A CCP dev blog posted today has explained that third party applications that can be used to provide an unfair advantage over players not using the application can result in bans.

That dev blog was explicitly referring to programs that manipulate the EVE client itself into allowing you to see and do things that you wouldn't otherwise be able to do, in the client.

You are always free to use data gathered from CREST, XML API, SDE, and other services we offer, in a way you see fit. We are offering these services because we want you to use them and take advantage of the possibilities they offer.

We are continuously improving and adding new functionality to CREST, the XML API, and the SDE all the time. We love seeing new and exciting third-party applications! And we want to encourage you all to make more of them. We are holding the API challenge to help foster these desires.

You may be wondering, how we would we react should you discover a way to take advantage of information provided by our third-party services to achieve what we would consider "unfair". We have in the past changed game mechanics to cater around new usages of our APIs in order to level the playing field. We have simply removed endpoints from our APIs in the past as well. These are examples of peaceful resolutions to "unfair" use of our APIs.

We stand nothing to gain by excommunicating players.

Hope these resolve some of your concerns.

Thanks!
Thanks. I appreciate the reply, however it doesn't really resolve the concerns. Up until now, there's been clear guidance on the use of EVE-O preview, a program writing with input from a CCP dev that's always been allowed, and now seems to fall under the unfair part. Many applications grant an obvious unfair advantage even if they don't directly interact with the client UI, and the bit that worries me about using CREST and the API to build an application is this:
Quote:
Please be aware of the fact that we do a lot of data analysis which grants us insight into behavior patterns and allows us to detect anomalies. In a lot of cases we do not need to know what you do on the client side because looking at the behavior in our very detailed event logs on the server side allows us to see if you have/had an unfair advantage over anybody else including the game environment. We don’t know all the tools out there and what they do exactly - and frankly we don’t care. If you get banned, then this is because the results of what you did and how you potentially gained from it manifested in our server-side logs.
This is so broad that I 'd be concerned about getting caught up in it, and in all honesty I'd rather play it safe and simply not be involved in anything that might one day be considered an unfair advantage.

The Indecisive Noob - EVE fan blog.

Wholesale Trading - The new bulk trading mailing list.
Max Kolonko
Caldari Provisions
Caldari State
#46 - 2016-02-24 07:39:57 UTC  |  Edited by: Max Kolonko
Lucas Kell wrote:
CCP Tellus wrote:
Lucas Kell wrote:
While I was originally planning on entering into this, I'm afraid I've decided against developing a third party application. A CCP dev blog posted today has explained that third party applications that can be used to provide an unfair advantage over players not using the application can result in bans.

That dev blog was explicitly referring to programs that manipulate the EVE client itself into allowing you to see and do things that you wouldn't otherwise be able to do, in the client.

You are always free to use data gathered from CREST, XML API, SDE, and other services we offer, in a way you see fit. We are offering these services because we want you to use them and take advantage of the possibilities they offer.

We are continuously improving and adding new functionality to CREST, the XML API, and the SDE all the time. We love seeing new and exciting third-party applications! And we want to encourage you all to make more of them. We are holding the API challenge to help foster these desires.

You may be wondering, how we would we react should you discover a way to take advantage of information provided by our third-party services to achieve what we would consider "unfair". We have in the past changed game mechanics to cater around new usages of our APIs in order to level the playing field. We have simply removed endpoints from our APIs in the past as well. These are examples of peaceful resolutions to "unfair" use of our APIs.

We stand nothing to gain by excommunicating players.

Hope these resolve some of your concerns.

Thanks!
Thanks. I appreciate the reply, however it doesn't really reosolve the concerns. Up until now, there's been clear guidance on the use of EVE-O preview, a program writing with input from a CCP dev that's always been allowed, and now seems to fall under the unfair part. Many applications grant an obvious unfair advantage even if they don't directly interact with the client UI, and the bit that worries me about using CREST and the API to build an application is this:
Quote:
Please be aware of the fact that we do a lot of data analysis which grants us insight into behavior patterns and allows us to detect anomalies. In a lot of cases we do not need to know what you do on the client side because looking at the behavior in our very detailed event logs on the server side allows us to see if you have/had an unfair advantage over anybody else including the game environment. We don’t know all the tools out there and what they do exactly - and frankly we don’t care. If you get banned, then this is because the results of what you did and how you potentially gained from it manifested in our server-side logs.
This is so broad that I 'd be concerned about getting caught up in it, and in all honesty I'd rather play it safe and simply not be involved in anything that might one day be considered an unfair advantage.


This is really simple for me: does your program modify client? If no then you have nothing to worry about. If yes then: does your program does anything other than displaying simple, non-client stuff like ts/mumble/ventrilo overlay? If no you are safe. If yes then you enter gray area.

Yes, eve preview became gray area right now, and would be great if ccp gave clear response but it was in the same grayish area before along with ts overlay. And now is innocent victim of otherwise great change for all players.

Dont try to spin it into more than it is, cause its not working.

Read and support: Don't mess with OUR WH's What is Your stance on WH stuff?
Lucas Kell
Solitude Trading
S.N.O.T.
#47 - 2016-02-24 08:06:57 UTC
Max Kolonko wrote:
This is really simple for me: does your program modify client? If no then you have nothing to worry about. If yes then: does your program does anything other than displaying simple, non-client stuff like ts/mumble/ventrilo overlay? If no you are safe. If yes then you enter gray area.

Yes, eve preview became gray area right now, and would be great if ccp gave clear response but it was in the same grayish area before along with ts overlay. And now is innocent victim of otherwise great change for all players.

Dont try to spin it into more than it is, cause its not working.
But it's not that simple. That quite clearly states that they don;t look at what is happening on the client, only what the effect is. Take for example Elinor. It's am market program. You sit in the client and hit the export button on the market window. It picks up the text file that is exported reads the data copies a price into the clipboard which you then paste into your game window. No client interaction, but a much faster market speed. From CCPs point fo view this increases the rate at which you can enter orders, and since they aren't looking at your client they have no way to tell how you are doing it, only the end result.

At the end of the day, all third party programs are going to give people a benefit over players not using it. If I develop a market program which allows people to rapidly build up and modify market orders by aggregating CREST market data, how can I be sure that someone using it isn't going to be accused of using an unfair advantage and banned? I can't be, so I'd much rather not involve myself in developing, testing, using or supporting any third party applications until CCP are willing to ultimately clarify their stance. I'd urge all other developers to do the same as in the long run it will help us all if CCP are completely clear on what constitutes an unfair advantage from a third party application.

The Indecisive Noob - EVE fan blog.

Wholesale Trading - The new bulk trading mailing list.
Koenig Yazria
Adversity.
Psychotic Tendencies.
#48 - 2016-02-24 08:25:04 UTC
Same here.

I find it also hard to justify time developing something given the apparent unstable opinion CCP has.

What is legal now can be a bannable offense in 6 months.

Not worth developing if the conditions are these.
Uppsy Daisy
State War Academy
Caldari State
#49 - 2016-02-24 09:03:55 UTC
It sounds to me like CCP have a load of server-side logs that they are using to monitor players in lots of different ways, and if any player breaches a pre-defined threshold this will be deemed as 'unfair advantage' and will result in a warning/ban.

For example, they might have a threshold on market orders entered or modified per minute, and if you breach that you must have an 'unfair advantage'.

I can see how if this is indeed their position, they would not want to reveal the counters or the thresholds for fear of exploitation by the bad guys.
Ali 2k
Triton Heavy Industries
#50 - 2016-02-29 20:14:24 UTC  |  Edited by: Ali 2k
I seem to be receiving error 502 when attempting to query any authed CREST endpoints (contacts/fittings/waypoints) is this a known issue at the moment?

[EDIT]

I can occasionally receive the following response:

{"message": "Not accepting connections", "key": "NotAcceptingConnection", "exceptionType": "ServiceUnavailableError"}


[EDIT 2]

I can now receive the following response - how do I supply the "Authentication scope"?

{"message": "Authentication scope needed", "key": "authNeeded", "exceptionType": "UnauthorizedError"}


[EDIT 3]

The above response is stating that the access token does not have the correct authentication scope allowed. We got there..
Ali 2k
Triton Heavy Industries
#51 - 2016-02-29 21:15:52 UTC
I am attempting to access character waypoints with the waypoint endpoint - I receive the folowing response when attempting to POST the request.

Quote:
{"message": "The route /characters/261499393/waypoints/ was not found", "key": "routeMissing", "exceptionType": "NotFoundError"}


Can you confirm this is the correct endpoint for waypoints?
CCP FoxFour
C C P
C C P Alliance
#52 - 2016-03-01 10:06:33 UTC
Ali 2k wrote:
I am attempting to access character waypoints with the waypoint endpoint - I receive the folowing response when attempting to POST the request.

Quote:
{"message": "The route /characters/261499393/waypoints/ was not found", "key": "routeMissing", "exceptionType": "NotFoundError"}


Can you confirm this is the correct endpoint for waypoints?


/characters/[characterID:characterIdType]/navigation/waypoints/

You can find a link to it in:

/characters/[characterID:characterIdType]/

@CCP_FoxFour // Technical Designer // Team Tech Co

Third-party developer? Check out the official developers site for dev blogs, resources, and more.
Calavoow2
Royal Amarr Institute
Amarr Empire
#53 - 2016-03-01 13:50:53 UTC
Are we allowed to submit under a more restrictive open-source license than MIT? Specifically, a GPL-like license?
CCP FoxFour
C C P
C C P Alliance
#54 - 2016-03-01 14:11:01 UTC
Calavoow2 wrote:
Are we allowed to submit under a more restrictive open-source license than MIT? Specifically, a GPL-like license?


MIT is required to submit to the contest.

@CCP_FoxFour // Technical Designer // Team Tech Co

Third-party developer? Check out the official developers site for dev blogs, resources, and more.
Xiaou Bijoun
Imperial Academy
Amarr Empire
#55 - 2016-03-04 03:36:48 UTC  |  Edited by: Xiaou Bijoun
The endpoint "https://public-crest.eveonline.com" is not responding. Is the server expected to be back up soon? Nearing the deadline for entries.

Edit: Not a minute after I post the server starts responding again.
Aes Sayyadina
Blackjack And Hookers.
#56 - 2016-03-04 03:48:43 UTC
Quick question, I'm having some trouble with the refresh_tokens for SSO. I can authenticate properly and get back an access token and a refresh token, and I can properly query a character's location so I know I have the scopes working properly. However, once the access token expires I can't get https://login.eveonline.com/oauth/token to give me back another access token; I keep getting internal server errors (ex: Internal server error. Error ref: 25664038-db46-4757-a912-498e916db087).

I know that I have the Authorization header correct (because I can get the tokens in the first place!), and I am doing a post request with grant_type=refresh_token and refresh_token=[previously received refresh token]. Even set the content-type header as application/x-www-form-urlencoded. If I got anything more useful back from the server, I might be able to debug this myself, but I'm at a loss right now.
Ryanis
Proudly Snoring
#57 - 2016-03-04 14:24:07 UTC  |  Edited by: Ryanis
Hello there,

@FoxFour: is there a way to check if our submission got recorded ? (like, if the browser crashed shortly after)

Also, I noticed that, after granting "FittingRead" right to my application and downloading fits, this info does not show up in the web support center (Home > Support > Third Party Applications).
I thought all granted permissions should be manageable there ? Did I missed something ? Is this a bug ?

@Aes Sayyadina: if it can help you, you can check my own code on GitHub (last function).
Maybe your URI is incorrect ? It should be https://SSO_SERVER/oauth/token/

Regards,
Ryanis
Ali 2k
Triton Heavy Industries
#58 - 2016-03-04 15:05:09 UTC
Looks like authenticated crest (and login.eveonline.com) are down? Any confirmations?
Aes Sayyadina
Blackjack And Hookers.
#59 - 2016-03-04 16:28:05 UTC
@Ryanis
Thanks for the tip, but I am already POSTing against https://login.eveonline.com/oauth/token, so that shouldn't be the problem. The SSO server just continues to return an Internal Server Error each time I try to use my refresh token.
Ali 2k
Triton Heavy Industries
#60 - 2016-03-04 23:31:45 UTC
Well, half an hour to go and I can't test the final bits of of my app with the internal server errors from the API.. feeling a little salty!